All Threat Actors
Medusa
Also known as: MedusaLocker, Medusa Team
Ransomware. Tor-based leak site. Not related to MedusaLocker.
Origin: Unknown
Targets
healthcareeducationgovernment
Associated Intelligence
China-Linked Storm-1175 Exploits Zero-Days
A China-based threat actor has been linked to the exploitation of zero-day and N-day vulnerabilities to rapidly deploy Medusa ransomware. Organizations with internet-facing systems are at risk, particularly those with exposed perimeter assets. To
7/4/2026High